Palo Alto Networks, a well-known cybersecurity comapnay, has recently announced that an increasing number of fake Flash Player updates has flooded the internet. Read below to learn how to avoid them and keep your system safe.
How do they look like?
In most if not all cases, they use a notification similar to the one used by the official Adobe Flash. They often appear on poorly-protected sites that offer flash games and video content. Usually they block the whole screen, as they claim that you need to update your player in order to access the desired content.
How does it work?
After you click on the notification, an installer will be downloaded. When users run the installer, it automatically injects cryptocurrency miners into their system, like the notorious XMRig. In some cases it may actually update your Flash Player in order to prevent suspicions.
After the malware is injected into the system it will silently run in the background, using system resources in order to generate currency for the attacker. The stealthy design of the malware renders is invisible against most antivirus solutions.
How to spot it?
While they are not directly visible, they still require resources in order to work. The easiest way to find them is to open Task Manager and search for strangely-named processes that use a moderate amount of resources. If one or more are found, the system may be infected. If your system is slower than it should be and programs have started to lag you may have been infected with a miner, even if it came from another source.
Proficient PC users and people that are running a suitable antivirus shouldn’t encounter any problems as the antivirus will block the malicious installer before the malware can infect the system. Ad blocking solution can keep those notifications away, as they usually imitate an advert.
Fake updates may also install malware that steals your private data. In order to remain safe, update you Flash player from the official Adobe site constantly and don’t click on those pesky notifications.